In the face of major disruptions, companies need to grasp the opportunity to build resilient supply chains for the future, and challenge traditional and ineffective approaches to risk management and planning.
Clash of realities – supply chains in a world of accelerating disruptions
We are living in a world of accelerating disruptions and risk events. Yes, many people will consent to this statement in the midst of the Corona crisis, but do we still remember what we saw happen just in the last 12 months? Just to name a few events: a record summer heatwave in 2019 and droughts impacting harvests in many countries of Europe; floods in the US which submerged millions of acres of farmland; large-scale wildfires in Australia, California, the Amazon, and the boreal forests of the arctic circle. And in parallel continued war in the middle east, renewed nuclear threats, global trade wars, and the UK exiting the European union.
And then there is the reality of today’s supply chains, which have over decades created wealth and access to affordable products for many millions around the globe. They are global and interconnected, outsourced with high complexity of partners, and have been optimized for productivity and agility/ JIT over many years. But our supply chains are also clashing with the world of accelerating disruptions: They are highly vulnerable. They are strongly exposed to multi-point interdependencies and second-order ripple effects. They are sometimes too much designed for perfection and lacking buffers as margin for error. They need to re-capture a critical capability which may have gotten lost over time: Resilience!
The genesis of supply chain resilience
While resilience has been applied for decades in many different disciplines such as ecology, engineering, sociology, psychology, economics and organizational analysis, supply chain management adopted the approach to overcome the narrower concept of robustness. At MIT and Cranfield University, the term of supply chain resilience was crafted in 2004 in order to provide a concept that includes supply chain characteristics such as to absorb unexpected changes in the environment, to flexibly adjust in the short-term, and to adapt to an uncertain environment in the long run. Since then, supply chain resilience describes the ability of a supply chain to contain the impact of a disruption and return to its original state or move to a new, more desirable state after being disturbed. Consequently, the concept of Supply chain resilience is not new, however in the course of the last 15 years, we have not yet managed to make supply chains substantially more resilient. Many different terms accompany the discussion of resilience in supply chain management such as vulnerability, risk, hazard, disruption, exposure, mitigation, continuity or criticality. To overcome the crossfire of different definitions, we summarize that supply chain resilience refers to both the ability to identify supply chain vulnerability and thus the ability to reduce supply chain risk in a focused way.
A segmented approach for managing disruptions and variability
While traditional risk management approaches have shown significant weaknesses, advanced technology stemming from mathematics and information science has opened up new opportunities. We need a new approach to deal with different characteristics of risks and disruptions impacting our value chains. We need to deal with all of them better than today and do it in a much more differentiated and segmented way!
Let us start by having a look at the different types of risks. While there are countless different taxonomies of risks in science and amongst practitioners, from the perspective of supply chain strategy we like to differentiate between 3 different archetypes along the continuum of risks, see Figure 1.Figure 1: Risk and disruptions are a continuum, we need to approach them holistically, and avoid being blind on one eye
Common supply chain disruptions (such as poor supplier performance, forecast errors, transportation and promotion delays) are happening frequently but have one by one only limited impact on company performance. However, in sum, these market variabilities can significantly destabilize supply chains, trigger firefighting, and distract management attention away from required structural improvements. Finding the right mitigation approach is key to avoid we are getting consumed by the small variability in an increasingly uncertain environment. We will explain the approach to manage this known variability in the second part of the article.
Major disruptions and mega-disasters are what is often described as unknown unknowns. They can originate from operations (such as supplier and own factory incidents and closures) or the marketplace (for example competitor insolvencies or negative press coverage), and can include natural as well as and man-made mega-disasters like for example Corona Virus (2020) and Fukushima (2011). While they form a broad range and are truly not a homogeneous group, they have 2 things in common: they are luckily very infrequent and mostly cannot be predicted nor measured in probabilities. And if they hit, they have drastic impact which ranges from evaporating a year’s annual profit, over massively deteriorating the market position, to at worst threatening corporate survival.
Major disruptions and mega-events: Re-inventing risk management
When generic uncertainty and major disruptions meet “leaned-down” supply chains, supply chain risk management needs to rise to the challenge. Achieving that is not easy, and companies need to do 4 things to challenge and transform their current supply chain risk management approach.
- Change focus on what we can control
- Deeply understand networks and dependencies
- Quantify risk exposure and vulnerability
- Move from reactive measures to proactive revenue assurance
Change focus on what we can control – Traditional supply chain risk management suggests identifying numerous external risk events and then conducting their impact assessment, prioritization and mitigation. However, chasing for 360-degree risk alerts is creating too much signals noise, and is not the fit-for-purpose approach if we want to be prepared for the unknown and unpredictable. Instead, we need to focus on what we can control and predict, and that is our E2E supply network with its dependencies and vulnerabilities for risk. Only once we have this foundation in place, we can move to a much more focused risk event screening and direct mitigation measures. In summary, we should start with understanding vulnerability, not with assessing risk events.
Deeply understand networks and dependencies – Easier said than done. Many companies struggle to map the E2E supply network in sufficient granularity to support effective risk mitigation measures. Understandably so, as networks are undeniably complex: Bills of material with many components and variants, thousands of suppliers and contract manufacturers, the time dimension (e.g., lead times), buffers in multiple dimensions (e.g., inventory, capacity), contractual restrictions, and many interdependencies between the network nodes all make supply networks highly complex, multi-dimensional, and dynamic. The often simplistic, manual approaches for network mapping (e.g. focusing on top plants, strategic suppliers, A products and parts) are not sufficient, thus we need to embrace existing technology for supply chain modeling like machine learning, simulation, mathematical and statistical modeling to ensure we have digital twins of our network in place way before the crisis hits.
Quantify risk exposure and vulnerability – Quantifying the hidden weaknesses and vulnerabilities of the E2E supply network is the next step towards resilient supply chains, see Figure 2. How are buffers dimensioned? How is their current status? What when (instead of what if) an outage occurs, be it triggered by known or unknown variability? How long can the supply chain processes sustain the aggravation? What is their time to sustain? How long does it take to recover after a disruption has occurred? What could I do to prepare? What would be the consequences of my action? If I choose to do this action, would service for my priority customers improve? But how does such an investment influence my overall cost set-up?
Move from reactive measures to proactive revenue assurance – Quantifying vulnerability can help companies to move from reactive to proactive risk management mode. We think we need the supply chain version of the common penetration testing in the cyber-security space – supply chain vulnerability stress-tests. By simulating different multi-point failure (“what when”) scenarios across the E2E digital supply chain twin as well as alternative mitigation scenarios, we can move to a more robust network design and better prioritize often costly direct risk mitigation actions such as building supply chain flexibility and redundancy.
Supply chain executives need to address these 4 points in timely fashion, both in the current crisis and to better prepare for the next disruption. And re-inventing supply chain risk-management is not only about IT and technology but needs a multi-dimensional approach: We need SCM management and operational teams to change and align their perspective and approach to risk. We need to embrace existing technology to transfer physical supply chains to digital twins for vulnerability stress-testing. And we need the right governance and processes to embed the new risk management approach in different areas from network/ asset planning, over supplier management, to tactical supply chain planning.
Figure 2: Understanding vulnerability of supply nodes is key for efficient supply chain risk management
 M. Christopher and H. Peck, 2004, Building the resilient supply chain Y. Sheffi and James B. Rice, 2005, A Supply Chain View of the Resilient Enterprise